--snip--
All passwords are sent or displayed to the user before going to the database and when it is saved in the database is already encrypted, this will not cause problems if the server is invaded.
--snip--
Could you elaborate on the quoted text? Do i understand it correctly if i presume the passwords go into an encrypted database, but they're stored in plain text in this database?
If so, this is a huge security risk, even if your database is encrypted... I'd rather use a system with an unencrypted database that stores a salted hash of my password than using a system with an encrypted database that stores my password in plain text...